| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 46168 | 2004-06-15 09:51:00 | Seek comments/URLS for Hardware firewalls | htennent (4850) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 244839 | 2004-06-15 09:51:00 | I am interested in getting some opinions on whether a dedicated standalone firewall would be beneficial for my ADSL connection. I am currently using a consumer-end Dynalink RTA300 ADSL router. It has a built in switch, and has a number of features you would expect in a mid-range firewall, i.e Stateful Packet Inspection, Intrusion Detection (Appears a bit limited), VPN pass-thru, NAT (Built-in switch), and DHCP etc. This router is not ICSA-certified. (Not the model recently found to be vulnerable to certain attacks). I see standalone firewalls that range in prices $400 - $2000+. Im thinking that these firewalls would provide their greatest advantage in protecting connections that need to provide services (e.g Web serving, FTP etc). I only have 3 machines connected to the router, not providing any services (Is using the router to drop all unsolicited packets and playing hide and seek really good enough?) I have no use for the VPN features of any firewalls at the moment. All the network clients are running ZoneAlarm Pro and the usual hardened operating systems and anti-viral tools. Email-attack alerts seem interesting, and ive seen a few products (NetGear inparticular) with this feature. Im interested in opinions, and I can't find anything on the net that compares built-in router firewall features with standalone product. | htennent (4850) | ||
| 244840 | 2004-06-15 14:17:00 | I don't think you need much more than what you've got and making sure remote access is not enabled in the router. If you want a bit more control such as content filtering, etc, consider one of these disto's (www.distrowatch.com) on an older box. Certainly wont cost you anything like a purpose built proprietary hardware firewall but will give you the same if not more. Smootwall, IpCop or m0nowall seem to be popular. I haven't used one yet but, will do so when I get cable internet connected rather than splash out for a router/firewall. Ah! m0n0wall is here not up there (m0n0.ch). Cheers Murray P |
Murray P (44) | ||
| 244841 | 2004-06-15 22:23:00 | I agree with Murray. You probably don't need any more that you have already got, and it's plenty good enough to protect your network. You'll never be 100% safe anyway, look at the large corporate networks like the FBI etc. They have huge security networks and access to the strongest security available and yet they still get hacked. I wouldn't worry about it too much....with your current router and zone alarm you should be fine. | Sb0h (3744) | ||
| 1 | |||||